{"id":4204,"date":"2019-10-22T12:51:14","date_gmt":"2019-10-22T04:51:14","guid":{"rendered":"http:\/\/switch.linesno.com\/?p=4204"},"modified":"2019-10-22T12:51:14","modified_gmt":"2019-10-22T04:51:14","slug":"using-nexus-3-as-your-repository-part-3-docker-images","status":"publish","type":"post","link":"http:\/\/switch.linesno.com\/?p=4204","title":{"rendered":"Using Nexus 3 as Your Repository \u2013 Part 3: Docker Images"},"content":{"rendered":"\n

This is the third and last part of a series of posts on Nexus 3 and how to use it as repository for several technologies. (Part 1<\/a>. Part 2<\/a>.)<\/p>\n\n\n\n

\"Stop-OutdatedContent\"\/<\/figure>\n\n\n\n

<\/a><\/p>\n\n\n\n

Installation<\/strong><\/p>\n\n\n\n

Check out the first part of this series to see how we installed and ran Nexus 3 using a single docker command. Just do that and the installation is done.<\/p>\n\n\n\n

Configuring Nexus as a Docker repo<\/strong><\/p>\n\n\n\n

What we will do:
\u2013 create a private (hosted) repository for our own images
\u2013 create a proxy repository pointing to Docker Hub
\u2013 create a group repository to provide all the above repos under a single URL<\/p>\n\n\n\n

I suggest you to create a new blob store for each new repo you want to create. That way, the data for every repo will be in a different folder in \/nexus-data (inside the Docker container). But this is not mandatory for it to work.<\/p>\n\n\n\n

By default, the Docker client communicates with the repo using HTTPS. In my use case I had to configure it with HTTP, because we didn\u2019t have the certificate nor the knowledge on how to obtain it.<\/p>\n\n\n\n

Important to notice: the Docker repo requires 2 different ports. We are going to use 8082 for pull from the proxy repo and 8083 for pull and push to the private repo.<\/p>\n\n\n\n

I had some problems with slightly older versions of Docker, so I strongly suggesting you to start with the version that I\u2019ve tested with, that is 1.12.3.<\/p>\n\n\n\n

private repo<\/strong><\/p>\n\n\n\n

A repository for Docker images that your team creates.<\/p>\n\n\n\n

Create a new Docker (hosted) repository and configure it like:<\/p>\n\n\n\n

\"rafael-1\"\/<\/figure>\n\n\n\n

proxy repo<\/strong>
A repository that proxies everything you download from the official registry, Docker Hub. Next time you download the same dependency, it will be cached in your Nexus.<\/p>\n\n\n\n

Create a new Docker (proxy) repository and configure it like:<\/p>\n\n\n\n

\"rafael-2\"\/<\/figure>\n\n\n\n
\"rafael-3\"\/<\/figure>\n\n\n\n


group repo<\/strong>
This will group all the above repos and provide you a single URL to configure your clients to download from to.<\/p>\n\n\n\n

Create a new Docker (group) repository and configure it like:<\/p>\n\n\n\n

\"rafael-4\"\/<\/figure>\n\n\n\n
\"rafael6\"\/<\/figure>\n\n\n\n

You can create as many repos as you need and group them all in the group repo.<\/p>\n\n\n\n

This step is actually optional to use Nexus 3 as a Docker repository, because we can stick to pulling and pushing to the proxy and hosted repositories as will be discussed later.<\/p>\n\n\n\n

Configuring your clients and projects to use your Nexus repos<\/strong>
To interact with your repo, the first thing is to configure the Docker daemon in your machine to accept working with HTTP instead of HTTPS.<\/p>\n\n\n\n

How exactly to do this config depends on your operating system, so you should check dockerd<\/a> documentation. On RHEL I did it putting this content in \/etc\/docker\/daemon.json<\/code>:<\/p>\n\n\n\n

{\n  \"insecure-registries\": [\n    \"your-repo:8082\",\n    \"your-repo:8083\"\n  ],\n  \"disable-legacy-registry\": true\n}\n<\/code><\/pre>\n\n\n\n
You have to restart the daemon after setting this (sudo systemctl restart docker<\/code>).<\/p>\n\n\n\n
On Windows or Mac you should config your deamon in a box like this:<\/p>\n\n\n\n
\"rafael-5\"\/<\/figure>\n\n\n\n
Now we have to authenticate your machine to the repo with:<\/p>\n\n\n\n
docker login -u admin -p admin123 your-repo:8082\ndocker login -u admin -p admin123 your-repo:8083\n<\/code><\/pre>\n\n\n\n
This will create an entry in ~\/.docker\/config.json<\/code>:<\/p>\n\n\n\n
{\n\t\"auths\": {\n\t\t\"your-repo:8082\": {\n\t\t\t\"auth\": \"YWRtaW46YWRtaW4xMjM=\"\n\t\t},\n\t\t\"your-repo:8083\": {\n\t\t\t\"auth\": \"YWRtaW46YWRtaW4xMjM=\"\n\t\t}\n}\n<\/code><\/pre>\n\n\n\n
To pull images from your repo, use (notice port 8082<\/strong> being used):<\/p>\n\n\n\n
docker pull your-repo:8082\/httpd:2.4-alpine\n<\/code><\/pre>\n\n\n\n
To push your own images to your repo, you have to tag the image with a tag that points to the repo. This is strange to me, since I was trying to think about Docker tags the same way I do about Git tags, but they seem be somewhat different (notice port 8083<\/strong> being used):<\/p>\n\n\n\n
docker tag your-own-image:1 your-repo:8083\/your-own-image:1\ndocker push your-repo:8083\/your-own-image:1\n<\/code><\/pre>\n\n\n\n
To pull your own images from the repo, you can use:<\/p>\n\n\n\n
docker tag your-own-image:1 your-repo:8082\/your-own-image:1\n# or\ndocker tag your-own-image:1 your-repo:8083\/your-own-image:1\n<\/code><\/pre>\n\n\n\n
Both ports will work. I suspect that is because using port 8083 will connect directly to the hosted repo, whilst using port 8082 will connect to the group repo, which contains the hosted repo. I suggest you to stick to port 8083<\/strong> to avoid duplicate images in your machines. If you chose to stick with port 8083 to pull your own images, you probably could skip creating the group repo, if you prefer.<\/p>\n","protected":false},"excerpt":{"rendered":"
This is the third and last part of a series of posts on […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[7],"tags":[],"class_list":["post-4204","post","type-post","status-publish","format-standard","hentry","category-day"],"_links":{"self":[{"href":"http:\/\/switch.linesno.com\/index.php?rest_route=\/wp\/v2\/posts\/4204","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/switch.linesno.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/switch.linesno.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/switch.linesno.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"http:\/\/switch.linesno.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=4204"}],"version-history":[{"count":1,"href":"http:\/\/switch.linesno.com\/index.php?rest_route=\/wp\/v2\/posts\/4204\/revisions"}],"predecessor-version":[{"id":4205,"href":"http:\/\/switch.linesno.com\/index.php?rest_route=\/wp\/v2\/posts\/4204\/revisions\/4205"}],"wp:attachment":[{"href":"http:\/\/switch.linesno.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=4204"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/switch.linesno.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=4204"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/switch.linesno.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=4204"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}